Initial commit
This commit is contained in:
commit
3c5cd43f8c
|
@ -0,0 +1,2 @@
|
|||
__pycache__/
|
||||
venv/
|
|
@ -0,0 +1,83 @@
|
|||
from nacl.public import PrivateKey, PublicKey
|
||||
import identity
|
||||
import socket
|
||||
import sys
|
||||
from shs import SHSClientCrypto, SHSServerCrypto
|
||||
import hmac
|
||||
from hashlib import sha256
|
||||
|
||||
class Peer(object):
|
||||
def __init__(
|
||||
self,
|
||||
identity:
|
||||
identity.Identity,
|
||||
port=8008,
|
||||
network_id=b'42'
|
||||
) -> None:
|
||||
super().__init__()
|
||||
self.identity = identity
|
||||
hostname = socket.gethostname()
|
||||
self.ip_address = socket.gethostbyname(hostname)
|
||||
self.port = port
|
||||
self.ephemeral_keys = None
|
||||
self.network_id = network_id
|
||||
|
||||
def broadcast(self):
|
||||
print(f'#TODO: Broadcast net:{self.ip_address}:{self.port}~shs:{self.identity}')
|
||||
# try:
|
||||
# s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
|
||||
# except socket.error:
|
||||
# print('Failed to create socket')
|
||||
# sys.exit()
|
||||
# host = '255.255.255.255'
|
||||
# port = 55558
|
||||
# while True:
|
||||
# msg = f'net:{self.ip_address}:{self.port}~shs:{self.identity[1:]}'
|
||||
|
||||
def generate_ephemeral_keys(self):
|
||||
sk = PrivateKey.generate()
|
||||
pk = sk.public_key
|
||||
self.ephemeral_keys = {'sk': sk, 'pk': pk}
|
||||
|
||||
def do_handshake(self, role='client'):
|
||||
self.generate_ephemeral_keys()
|
||||
if role=='client':
|
||||
self.client_handshake()
|
||||
|
||||
def client_handshake(self):
|
||||
# Client knows
|
||||
# own private/public keys
|
||||
# ephemeral handshake keys
|
||||
# server public key from discovery
|
||||
# network ID
|
||||
self.send_client_hello()
|
||||
|
||||
def server_handshake(self):
|
||||
# Server already knows
|
||||
# own private/public keys
|
||||
# ephemeral handshake keys
|
||||
# network ID
|
||||
self.verify_client_hello()
|
||||
self.send_server_hello()
|
||||
|
||||
def send_client_hello(self):
|
||||
nacl_auth = bytearray(
|
||||
hmac.HMAC(msg=self.ephemeral_keys.get('pk')._public_key, key=self.network_id, digestmod=sha256).digest()
|
||||
)
|
||||
client_ephemeral_pk = bytearray(self.ephemeral_keys.get('pk')._public_key)
|
||||
return nacl_auth + client_ephemeral_pk
|
||||
|
||||
def verify_client_hello(self, hello_msg: bytearray):
|
||||
assert(len(hello_msg) == 64)
|
||||
client_hmac = hello_msg[0:31]
|
||||
client_ephemeral_pk = hello_msg[32:]
|
||||
hmac.compare_digest(client_hmac, hmac.new(key=self.network_id, msg=client_ephemeral_pk))
|
||||
|
||||
def send_server_hello(self):
|
||||
pass
|
||||
|
||||
if __name__ == '__main__':
|
||||
client = Peer(identity=identity.Identity())
|
||||
server = Peer(identity=identity.Identity())
|
||||
client.generate_ephemeral_keys()
|
||||
print(server.verify_client_hello(client.send_client_hello()))
|
|
@ -0,0 +1,22 @@
|
|||
from nacl.signing import SigningKey
|
||||
import base64
|
||||
|
||||
class Identity(object):
|
||||
"""
|
||||
Container for ED25519 keypair
|
||||
"""
|
||||
def __init__(self) -> None:
|
||||
super().__init__()
|
||||
self.private_key = SigningKey.generate()
|
||||
self.public_key = self.private_key.verify_key
|
||||
|
||||
# def __str__(self):
|
||||
# return bytes.decode(base64.b64encode(self.public_key))
|
||||
|
||||
# def __repr__(self) -> str:
|
||||
# return self.__str__()
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
alice = Identity()
|
||||
print(alice)
|
|
@ -0,0 +1 @@
|
|||
pynacl
|
Loading…
Reference in New Issue